Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/B256D8FC479711F09A25BE59C4F9AE02.roa
File: B256D8FC479711F09A25BE59C4F9AE02.roa (raw, json)
Hash identifier: g0SoJEOW6hbapp+G2W5wkFaJTTHS/dc2FgUbvjsjuIM=
Subject key identifier: 19:E2:10:25:A2:9E:DC:14:1A:C9:93:7D:FE:D0:5B:00:05:F5:C2:CF
Certificate issuer: /CN=A91C93EE/serialNumber=FC56E7E076F7FD0A84BECC9C3E229142A0901FEC
Certificate serial: 0C89
Authority key identifier: FC:56:E7:E0:76:F7:FD:0A:84:BE:CC:9C:3E:22:91:42:A0:90:1F:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/B256D8FC479711F09A25BE59C4F9AE02.roa
Signing time: Thu 12 Jun 2025 14:15:31 +0000
ROA not before: Thu 12 Jun 2025 14:15:31 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 138636
IP address blocks: 103.135.77.0/24 maxlen: 24
103.135.79.0/24 maxlen: 24
2404:76c0::/32 maxlen: 32
2404:76c0::/33 maxlen: 33
2404:76c0::/34 maxlen: 34
2404:76c0::/35 maxlen: 35
2404:76c0::/36 maxlen: 36
2404:76c0::/40 maxlen: 48
2404:76c0:1000::/36 maxlen: 36
2404:76c0:2000::/35 maxlen: 35
2404:76c0:2000::/36 maxlen: 36
2404:76c0:3000::/36 maxlen: 36
2404:76c0:4000::/34 maxlen: 34
2404:76c0:4000::/35 maxlen: 35
2404:76c0:4000::/36 maxlen: 36
2404:76c0:5000::/36 maxlen: 36
2404:76c0:6000::/35 maxlen: 35
2404:76c0:6000::/36 maxlen: 36
2404:76c0:7000::/36 maxlen: 36
2404:76c0:8000::/33 maxlen: 33
2404:76c0:8000::/34 maxlen: 34
2404:76c0:8000::/35 maxlen: 35
2404:76c0:8000::/36 maxlen: 36
2404:76c0:9000::/36 maxlen: 36
2404:76c0:a000::/35 maxlen: 35
2404:76c0:a000::/36 maxlen: 36
2404:76c0:a000::/37 maxlen: 40
2404:76c0:b000::/36 maxlen: 36
2404:76c0:c000::/34 maxlen: 34
2404:76c0:c000::/35 maxlen: 35
2404:76c0:c000::/36 maxlen: 36
2404:76c0:d000::/36 maxlen: 36
2404:76c0:e000::/35 maxlen: 35
2404:76c0:e000::/36 maxlen: 36
2404:76c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.crl
rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Jun 2025 18:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3209 (0xc89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C93EE, serialNumber=FC56E7E076F7FD0A84BECC9C3E229142A0901FEC
Validity
Not Before: Jun 12 14:15:31 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=684ae102-0053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6f:9a:0f:28:80:21:a5:ca:f6:cb:0b:48:ae:
a0:56:e0:34:ff:ee:67:32:a9:6a:28:cd:a6:90:0e:
f9:ab:58:cb:ba:65:37:d4:9d:e6:23:c7:ad:01:78:
d3:1d:47:5a:25:a7:35:2a:ba:29:58:74:4b:09:da:
24:59:e1:c1:dc:7a:b6:f1:b3:2e:4b:a2:4c:1c:6b:
4b:98:aa:d2:90:f7:71:32:1e:f4:0c:b6:6d:74:60:
4a:aa:18:97:35:af:ba:b1:9a:6f:b6:db:89:eb:63:
85:3f:13:a3:8a:ee:59:57:b5:31:73:fe:ab:94:ee:
b7:15:e1:4f:84:9f:52:ce:5b:6e:ea:dc:b7:73:66:
e9:95:18:a5:f6:d7:d8:e2:b4:15:a1:e3:a8:83:7b:
35:c3:eb:f6:d7:47:03:0c:f4:49:6f:47:69:52:7a:
f2:49:41:05:17:56:fb:98:b2:2c:f1:3a:41:ab:bf:
ee:48:2c:e9:0e:dd:d7:51:17:4a:d4:7b:45:9e:74:
3a:52:48:a2:0b:d9:7f:ea:b0:0a:17:30:aa:57:ff:
06:f2:ec:66:61:2b:42:5c:80:14:3e:c6:aa:71:ae:
3b:5e:56:aa:47:e3:9f:e6:ba:ad:9b:4c:07:79:4d:
d9:75:86:79:c5:ef:fe:e2:a4:c7:52:8d:c7:58:58:
28:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E2:10:25:A2:9E:DC:14:1A:C9:93:7D:FE:D0:5B:00:05:F5:C2:CF
X509v3 Authority Key Identifier:
keyid:FC:56:E7:E0:76:F7:FD:0A:84:BE:CC:9C:3E:22:91:42:A0:90:1F:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/B256D8FC479711F09A25BE59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.77.0/24
103.135.79.0/24
IPv6:
2404:76c0::/32
Signature Algorithm: sha256WithRSAEncryption
27:b0:b0:34:c8:01:17:b8:a9:0a:91:3e:52:46:e7:a0:7e:f2:
71:23:a3:28:a7:d0:d8:97:f5:74:4e:5b:15:2c:f9:73:6f:d3:
95:58:60:d2:cf:f1:bd:e8:af:9a:5f:ec:03:6c:ee:49:1b:a8:
80:ac:7e:b4:60:cc:72:48:44:d6:4a:ae:de:31:e9:77:36:5f:
d8:3d:f0:7c:0a:4e:3b:da:a9:03:6d:fa:c6:94:5b:16:bc:7f:
87:75:c8:78:ad:39:2c:e7:26:da:81:0b:f8:25:25:3f:ab:61:
d1:25:ca:1c:7b:37:ee:f0:99:b3:c9:d8:c7:6f:a4:75:a9:52:
e7:fb:18:e2:89:d3:f0:3a:81:73:74:64:ae:60:ca:93:02:78:
98:b3:7c:e4:df:f1:e8:f2:be:d3:de:e9:89:c5:a9:30:6b:59:
85:f7:58:4a:07:7b:e4:6c:5b:84:fd:c1:c9:53:b5:8a:f6:9c:
80:e3:3d:2a:ac:97:7f:ad:da:f9:8e:d6:5f:6a:9b:2f:18:48:
9b:8e:d4:91:a4:21:72:92:d2:a5:0c:ca:83:05:80:ac:bf:c6:
c8:7c:d5:70:9a:a7:87:54:c0:b4:18:bf:31:0d:54:ca:19:e7:
23:61:72:ce:ed:d4:44:a7:2d:6f:8f:c1:42:91:37:ba:fa:7a:
60:16:72:12
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzkzRUUxMTAvBgNVBAUTKEZDNTZFN0UwNzZGN0ZEMEE4NEJFQ0M5QzNFMjI5MTQy
QTA5MDFGRUMwHhcNMjUwNjEyMTQxNTMxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODRhZTEwMi0wMDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxG+aDyiAIaXK9ssLSK6gVuA0/+5nMqlqKM2mkA75q1jLumU31J3mI8etAXjT
HUdaJac1KropWHRLCdokWeHB3Hq28bMuS6JMHGtLmKrSkPdxMh70DLZtdGBKqhiX
Na+6sZpvttuJ62OFPxOjiu5ZV7Uxc/6rlO63FeFPhJ9Szltu6ty3c2bplRil9tfY
4rQVoeOog3s1w+v210cDDPRJb0dpUnrySUEFF1b7mLIs8TpBq7/uSCzpDt3XURdK
1HtFnnQ6UkiiC9l/6rAKFzCqV/8G8uxmYStCXIAUPsaqca47XlaqR+Of5rqtm0wH
eU3ZdYZ5xe/+4qTHUo3HWFgoZQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBniECWi
ntwUGsmTff7QWwAF9cLPMB8GA1UdIwQYMBaAFPxW5+B29/0KhL7MnD4ikUKgkB/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTNFRS82ODU4RjY4ODBF
MDIxMUVBQTlCMURCNjVDNEY5QUUwMi9fRmJuNEhiM19RcUV2c3ljUGlLUlFxQ1FI
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19GYm40SGIzX1FxRXZzeWNQaUtSUXFDUUgtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzkzRUUvNjg1OEY2ODgwRTAyMTFFQUE5QjFEQjY1QzRGOUFFMDIvQjI1NkQ4RkM0
Nzk3MTFGMDlBMjVCRTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnh00DBABnh08wDQQCAAIwBwMFACQEdsAwDQYJKoZIhvcN
AQELBQADggEBACewsDTIARe4qQqRPlJG56B+8nEjoyin0NiX9XROWxUs+XNv05VY
YNLP8b3or5pf7ANs7kkbqICsfrRgzHJIRNZKrt4x6Xc2X9g98HwKTjvaqQNt+saU
Wxa8f4d1yHitOSznJtqBC/glJT+rYdElyhx7N+7wmbPJ2MdvpHWpUuf7GOKJ0/A6
gXN0ZK5gypMCeJizfOTf8ejyvtPe6YnFqTBrWYX3WEoHe+RsW4T9wclTtYr2nIDj
PSqsl3+t2vmO1l9qmy8YSJuO1JGkIXKS0qUMyoMFgKy/xsh81XCap4dUwLQYvzEN
VMoZ5yNhcs7t1ESnLW+PwUKRN7r6emAWchI=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:25:20 2025 by rpki-client